package org.apache.pdfbox.examples.signature;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Enumeration;
import java.util.Iterator;
import org.apache.pdfbox.pdmodel.PDDocument;
import org.apache.pdfbox.pdmodel.interactive.digitalsignature.PDSignature;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.cms.Attribute;
import org.bouncycastle.asn1.cms.AttributeTable;
import org.bouncycastle.asn1.cms.Attributes;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.SignerInformation;
import org.bouncycastle.cms.SignerInformationStore;
import org.bouncycastle.tsp.TSPException;

/* loaded from: input_file:org/apache/pdfbox/examples/signature/CreateSignature.class */
public class CreateSignature extends CreateSignatureBase {
    public CreateSignature(KeyStore keyStore, char[] cArr) throws KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException {
        Enumeration<String> aliases = keyStore.aliases();
        if (!aliases.hasMoreElements()) {
            throw new KeyStoreException("Keystore is empty");
        }
        String nextElement = aliases.nextElement();
        setPrivateKey((PrivateKey) keyStore.getKey(nextElement, cArr));
        setCertificate(keyStore.getCertificateChain(nextElement)[0]);
    }

    public void signDetached(File file) throws IOException {
        signDetached(file, file, (TSAClient) null);
    }

    public void signDetached(File file, File file2) throws IOException {
        signDetached(file, file2, (TSAClient) null);
    }

    public void signDetached(File file, File file2, TSAClient tSAClient) throws IOException {
        if (file == null || !file.exists()) {
            throw new FileNotFoundException("Document for signing does not exist");
        }
        FileOutputStream fileOutputStream = new FileOutputStream(file2);
        PDDocument load = PDDocument.load(file);
        signDetached(load, fileOutputStream, tSAClient);
        load.close();
    }

    public void signDetached(PDDocument pDDocument, OutputStream outputStream, TSAClient tSAClient) throws IOException {
        setTsaClient(tSAClient);
        PDSignature pDSignature = new PDSignature();
        pDSignature.setFilter(PDSignature.FILTER_ADOBE_PPKLITE);
        pDSignature.setSubFilter(PDSignature.SUBFILTER_ADBE_PKCS7_DETACHED);
        pDSignature.setName("Example User");
        pDSignature.setLocation("Los Angeles, CA");
        pDSignature.setReason("Testing");
        pDSignature.setSignDate(Calendar.getInstance());
        pDDocument.addSignature(pDSignature, this);
        pDDocument.saveIncremental(outputStream);
    }

    @Override // org.apache.pdfbox.examples.signature.CreateSignatureBase
    protected CMSSignedData signTimeStamps(CMSSignedData cMSSignedData) throws IOException, TSPException {
        SignerInformationStore signerInfos = cMSSignedData.getSignerInfos();
        ArrayList arrayList = new ArrayList();
        Iterator it = signerInfos.getSigners().iterator();
        while (it.hasNext()) {
            arrayList.add(signTimeStamp((SignerInformation) it.next()));
        }
        return CMSSignedData.replaceSigners(cMSSignedData, new SignerInformationStore(arrayList));
    }

    private SignerInformation signTimeStamp(SignerInformation signerInformation) throws IOException, TSPException {
        AttributeTable unsignedAttributes = signerInformation.getUnsignedAttributes();
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        if (unsignedAttributes != null) {
            aSN1EncodableVector = unsignedAttributes.toASN1EncodableVector();
        }
        aSN1EncodableVector.add(new Attribute(PKCSObjectIdentifiers.id_aa_signatureTimeStampToken, new DERSet(ASN1Primitive.fromByteArray(getTsaClient().getTimeStampToken(signerInformation.getSignature())))));
        SignerInformation replaceUnsignedAttributes = SignerInformation.replaceUnsignedAttributes(signerInformation, new AttributeTable(new Attributes(aSN1EncodableVector)));
        return replaceUnsignedAttributes == null ? signerInformation : replaceUnsignedAttributes;
    }

    public static void main(String[] strArr) throws IOException, GeneralSecurityException {
        if (strArr.length < 3) {
            usage();
            System.exit(1);
        }
        String str = null;
        int i = 0;
        while (i < strArr.length) {
            if (strArr[i].equals("-tsa")) {
                i++;
                if (i >= strArr.length) {
                    usage();
                }
                str = strArr[i];
            }
            i++;
        }
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        char[] charArray = strArr[1].toCharArray();
        keyStore.load(new FileInputStream(strArr[0]), charArray);
        TSAClient tSAClient = null;
        if (str != null) {
            tSAClient = new TSAClient(new URL(str), null, null, MessageDigest.getInstance("SHA-256"));
        }
        CreateSignature createSignature = new CreateSignature(keyStore, charArray);
        File file = new File(strArr[2]);
        String name = file.getName();
        createSignature.signDetached(file, new File(file.getParent(), name.substring(0, name.lastIndexOf(46)) + "_signed.pdf"), tSAClient);
    }

    private static void usage() {
        System.err.println("usage: java " + CreateSignature.class.getName() + " <pkcs12_keystore> <password> <pdf_to_sign>\noptions:\n  -tsa <url>    sign timestamp using the given TSA server");
    }
}
